From 55427858e3f9d98dc7a75638c54a4fffde6be73a Mon Sep 17 00:00:00 2001
From: Samuli Piippo <samuli.piippo@qt.io>
Date: Wed, 20 Mar 2019 15:39:59 +0200
Subject: QStandardPaths: Correct handling for XDG_RUNTIME_DIR

Always try to create the runtime directory and never change
the permissions of an existing directory. Conform to the
XDG Base Directory Specification:

"If, when attempting to write a file, the destination directory
is non-existent an attempt should be made to create it with
permission 0700. If the destination directory exists already
the permissions should not be changed."

Fixes: QTBUG-68338
Change-Id: Iaf854d69225fc46e43abae86232d749e5c247df0
Reviewed-by: David Faure <david.faure@kdab.com>
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
---
 src/corelib/io/qstandardpaths_unix.cpp | 51 +++++++++++++++++++---------------
 1 file changed, 28 insertions(+), 23 deletions(-)

(limited to 'src/corelib/io/qstandardpaths_unix.cpp')

diff --git a/src/corelib/io/qstandardpaths_unix.cpp b/src/corelib/io/qstandardpaths_unix.cpp
index 3d4a349c8c..cc656954d9 100644
--- a/src/corelib/io/qstandardpaths_unix.cpp
+++ b/src/corelib/io/qstandardpaths_unix.cpp
@@ -120,54 +120,59 @@ QString QStandardPaths::writableLocation(StandardLocation type)
     }
     case RuntimeLocation:
     {
-        const uint myUid = uint(geteuid());
         // http://standards.freedesktop.org/basedir-spec/latest/
+        const uint myUid = uint(geteuid());
+        // since the current user is the owner, set both xxxUser and xxxOwner
+        const QFile::Permissions wantedPerms = QFile::ReadUser | QFile::WriteUser | QFile::ExeUser
+                                               | QFile::ReadOwner | QFile::WriteOwner | QFile::ExeOwner;
         QFileInfo fileInfo;
         QString xdgRuntimeDir = QFile::decodeName(qgetenv("XDG_RUNTIME_DIR"));
         if (xdgRuntimeDir.isEmpty()) {
             const QString userName = QFileSystemEngine::resolveUserName(myUid);
             xdgRuntimeDir = QDir::tempPath() + QLatin1String("/runtime-") + userName;
             fileInfo.setFile(xdgRuntimeDir);
-            if (!fileInfo.isDir()) {
-                if (!QDir().mkdir(xdgRuntimeDir)) {
-                    qWarning("QStandardPaths: error creating runtime directory %s: %s", qPrintable(xdgRuntimeDir), qPrintable(qt_error_string(errno)));
-                    return QString();
-                }
-            }
 #ifndef Q_OS_WASM
             qWarning("QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '%s'", qPrintable(xdgRuntimeDir));
 #endif
         } else {
             fileInfo.setFile(xdgRuntimeDir);
-            if (!fileInfo.exists()) {
-                qWarning("QStandardPaths: XDG_RUNTIME_DIR points to non-existing path '%s', "
-                         "please create it with 0700 permissions.", qPrintable(xdgRuntimeDir));
-                return QString();
-            }
+        }
+        if (fileInfo.exists()) {
             if (!fileInfo.isDir()) {
                 qWarning("QStandardPaths: XDG_RUNTIME_DIR points to '%s' which is not a directory",
                          qPrintable(xdgRuntimeDir));
                 return QString();
             }
+        } else {
+            QFileSystemEntry entry(xdgRuntimeDir);
+            if (!QFileSystemEngine::createDirectory(entry, false)) {
+                if (errno != EEXIST) {
+                    qWarning("QStandardPaths: error creating runtime directory %s: %s",
+                             qPrintable(xdgRuntimeDir), qPrintable(qt_error_string(errno)));
+                    return QString();
+                }
+            } else {
+                QSystemError error;
+                if (!QFileSystemEngine::setPermissions(entry, wantedPerms, error)) {
+                    qWarning("QStandardPaths: could not set correct permissions on runtime directory %s: %s",
+                             qPrintable(xdgRuntimeDir), qPrintable(error.toString()));
+                    return QString();
+                }
+            }
         }
         // "The directory MUST be owned by the user"
         if (fileInfo.ownerId() != myUid) {
-            qWarning("QStandardPaths: wrong ownership on runtime directory %s, %d instead of %d", qPrintable(xdgRuntimeDir),
-                     fileInfo.ownerId(), myUid);
+            qWarning("QStandardPaths: wrong ownership on runtime directory %s, %d instead of %d",
+                        qPrintable(xdgRuntimeDir), fileInfo.ownerId(), myUid);
             return QString();
         }
         // "and he MUST be the only one having read and write access to it. Its Unix access mode MUST be 0700."
-        // since the current user is the owner, set both xxxUser and xxxOwner
-        const QFile::Permissions wantedPerms = QFile::ReadUser | QFile::WriteUser | QFile::ExeUser
-                                               | QFile::ReadOwner | QFile::WriteOwner | QFile::ExeOwner;
         if (fileInfo.permissions() != wantedPerms) {
-            QFile file(xdgRuntimeDir);
-            if (!file.setPermissions(wantedPerms)) {
-                qWarning("QStandardPaths: could not set correct permissions on runtime directory %s: %s",
-                         qPrintable(xdgRuntimeDir), qPrintable(file.errorString()));
-                return QString();
-            }
+            qWarning("QStandardPaths: wrong permissions on runtime directory %s, %x instead of %x",
+                        qPrintable(xdgRuntimeDir), uint(fileInfo.permissions()), uint(wantedPerms));
+            return QString();
         }
+
         return xdgRuntimeDir;
     }
     default:
-- 
cgit v1.2.3